Skip to content

Commit ae48105

Browse files
divinity76jaapmarcus
divinity76
and
jaapmarcus
authored
fortify DrupalSetup (hestiacp#4563)
* fortify DrupalSetup * Run npm format --------- Co-authored-by: Jaap Marcus <9754650+jaapmarcus@users.noreply.github.com>
1 parent b4d0165 commit ae48105

2 files changed

Lines changed: 21 additions & 20 deletions

File tree

web/src/app/WebApp/AppWizard.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -74,7 +74,7 @@ public function getOptions() {
7474

7575
if ($this->appsetup->withDatabase()) {
7676
exec(HESTIA_CMD . "v-list-database-hosts json", $output, $return_var);
77-
$db_hosts_tmp1 = json_decode(implode("", $output), true);
77+
$db_hosts_tmp1 = json_decode(implode("", $output), true, flags: JSON_THROW_ON_ERROR);
7878
$db_hosts_tmp2 = array_map(function ($host) {
7979
return $host["HOST"];
8080
}, $db_hosts_tmp1);

web/src/app/WebApp/Installers/Drupal/DrupalSetup.php

Lines changed: 20 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@
33
namespace Hestia\WebApp\Installers\Drupal;
44

55
use Hestia\WebApp\Installers\BaseSetup as BaseSetup;
6+
use function Hestiacp\quoteshellarg\quoteshellarg;
67

78
class DrupalSetup extends BaseSetup {
89
protected $appname = "drupal";
@@ -61,28 +62,28 @@ public function install(array $options = null): bool {
6162
"v-run-cli-cmd",
6263
[
6364
"/usr/bin/php" . $options["php_version"],
64-
$this->getDocRoot("/vendor/drush/drush/drush"),
65+
quoteshellarg($this->getDocRoot("/vendor/drush/drush/drush")),
6566
"site-install",
6667
"standard",
67-
"--db-url=mysql://" .
68-
$this->appcontext->user() .
69-
"_" .
70-
$options["database_user"] .
71-
":" .
72-
$options["database_password"] .
73-
"@" .
74-
$options["database_host"] .
75-
":3306/" .
76-
$this->appcontext->user() .
77-
"_" .
78-
$options["database_name"] .
79-
"",
80-
"--account-name=" .
81-
$options["username"] .
82-
" --account-pass=" .
83-
$options["password"],
68+
"--db-url=" .
69+
quoteshellarg(
70+
"mysql://" .
71+
$this->appcontext->user() .
72+
"_" .
73+
$options["database_user"] .
74+
":" .
75+
$options["database_password"] .
76+
"@" .
77+
$options["database_host"] .
78+
":3306/" .
79+
$this->appcontext->user() .
80+
"_" .
81+
$options["database_name"],
82+
),
83+
"--account-name=" . quoteshellarg($options["username"]),
84+
"--account-pass=" . quoteshellarg($options["password"]),
8485
"--site-name=Drupal",
85-
"--site-mail=" . $options["email"],
86+
"--site-mail=" . quoteshellarg($options["email"]),
8687
],
8788
$status,
8889
);

0 commit comments

Comments
 (0)